Existing Solutions Summary

  • Ganna PogrebnaEmail author
  • Mark Skilton


In this chapter we discuss the way in which businesses currently address existing cybersecurity risks. Specifically, we distinguish between the Canvas approach (“patching with frameworks and architectures”), the Technology-driven approach (“patching with technology”) and the Human-centered approach (“patching with people”). We discuss the pros and cons of each approach and analyze their related tools and methods.


  1. 1.
    Ashenden, D., & Lawrence, D. (2013, December). Can we sell security like soap? A new approach to behaviour change. In Proceedings of the 2013 Workshop on New Security Paradigms Workshop (pp. 87–94). ACM.Google Scholar
  2. 2.
    Ashenden, D., & Sasse, A. (2013). CISOs and organisational change: Their own worst enemy? Computers & Security, 39, 396–405.Google Scholar
  3. 3.
    Taratine, B. (2018). How can we build an agile robust resilient (cyber)security defence system? LinkedIn article.
  4. 4.
    Snowden, D. (2011). Risk and resilience.
  5. 5.
    Wolff, J. (2006). Risk, fear, blame, shame and the regulation of public safety. Economics and Philosophy, 22, 409–427.CrossRefGoogle Scholar
  6. 6.
    Ralston, P. A., Graham, J. H., & Hieb, J. L. (2007). Cyber security risk assessment for SCADA and DCS networks. ISA Transactions, 46(4), 583–594.CrossRefGoogle Scholar
  7. 7.
    Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & Security, 56, 1–27.Google Scholar
  8. 8.
    Hughes, J., & Cybenko, G. (2013). Quantitative metrics and risk assessment: The three tenets model of cybersecurity. Technology Innovation Management Review, 3(8), 15–24.Google Scholar
  9. 9.
    Cooper, P. (2016). Cognitive active cyber defence: Finding value through hacking human nature (MSc dissertation). Cranfield University.Google Scholar
  10. 10.
    Renaud, K., & Zimmerman, V. (2018, February). Nudging folks towards stronger password choices: Providing certainty is the key. Behavioural Public Policy, 1–31.
  11. 11.
    Alkaldi, N., & Renaud, K. (2018, October 2). Encouraging password manager adoption by meeting adopter self-determination needs (Extended Version). Available at SSRN
  12. 12.
    Kharlamov, A., Jaiswal, A., Parry, G., & Pogrebna, G. (2018). Heavy regulation and excessive information about cybersecurity makes people risk taking in cyberspace (Alan Turing Institute Working Paper).Google Scholar
  13. 13.
    Svenson, O. (1981). Are we all less risky and more skillful than our fellow drivers? Acta Psychologica, 47(2), 143–148.CrossRefGoogle Scholar
  14. 14.
    Friedman, S. E., Musliner, D. J., & Rye, J. M. (2014). Improving automated cybersecurity by generalizing faults and quantifying patch performance. International Journal on Advances in Security, 7(3–4), 121–130. Google Scholar
  15. 15.
    Jenkins, D., Arnaud, J., Thompson, S., Yau, M., & Wright, J. (2014). Version control and patch management of protection and automation systems. Paper Presented at the 2014 12th International Conference on Developments in Power System Protection (DPSP), Copenhagen, Denmark, 31 March–3 April.Google Scholar
  16. 16.
    Kilber, J., Barclay, A., & Ohmer, D. (2014). Seven tips for managing Generation Y. Journal of Management Policy and Practice, 15(4), 80.Google Scholar

Copyright information

© The Author(s) 2019

Authors and Affiliations

  1. 1.University of BirminghamBirminghamUK
  2. 2.The Alan Turing InstituteLondonUK
  3. 3.Warwick Business SchoolUniversity of WarwickCoventryUK

Personalised recommendations